The server needs a network interface for each subnet served by the DHCP server. Most servers today already have this, but you can purchase a multiple port NIC card that is PCI or PCIE compliant (or even USB). You would want one port listening on one subnet and another port listening on the other.

Essentially, a single network port on a server can only serve DHCP to one subnet, so you would need to use another network port, plug it into that subnet, and configure the DHCP scope to serve that subnet.

Thanks for your help. I was wondering another thing. You was talking about two network interfaces but nowadays, we can have more than 1 ip (of diferent ranges) in the same network card. If i could have use the same card it would be excelent becouse i could use the same swiches too.

Justin is on the right path here with this question. if you are on a /24 netowork you will have to vlan your machine to get them to request a DHCP address from a different subnet. eventhough you are "reserving" ips your DHCP still have to hand them out.

You don't need two NIC's (tho it is easier). You can turn on DHCP/bootp relay on your router. Essentially you would turn that on and point to the IP address of your DHCP server. I host 3 scopes on my DHCP server this way.

You don't need two NIC's (tho it is easier). You can turn on DHCP/bootp relay on your router. Essentially you would turn that on and point to the IP address of your DHCP server. I host 3 scopes on my DHCP server this way.

Absolutely true. This works with just one NIC, but I answered with multiple as many servers have this standard, and it's less complex (for me at least).

change the netmask to /21 (FF.FF.F8.00) so everything is on the same subnet. You can either do static assignments for .7.xx devices or setup a second .7 lease pool with exactly the number of reservations you want and then reserve all of them so the only DHCP pool with available leases is the .6.xx pool.

Your idea is good but i cant do that becouse my idea is preventing malware and virus (and other diferent stuff) from the outside PC's (guest people who come to my company) and the controled PC's of my company. And in that case the mask will be public and the malware will search the intire pool...